Information Security Risk Management for Iso27001/Iso27002
Alan Calder and Steve Watkins
Page count: 187 pages
File size: 1.2 MB
Drawing on international best practice, including ISO/IEC 27005, NIST SP800-30 and BS7799-3, the book explains in practical detail how to carry out an information security risk assessment. It covers key topics, such as risk scales, threats and vulnerabilities, selection of controls, and roles and responsibilities, and includes advice on choosing risk assessment software.